[jboss-user] [Tomcat, HTTPD, Servlets & JSP] - Re: JBoss, Tomcat, CVE-2008-1232 and related

jfrederic.clere@jboss.com do-not-reply at jboss.com
Fri Sep 12 02:32:28 EDT 2008

Look in http://anonsvn.jboss.org/repos/jbossas/tags/JBoss_4_0_3_SP1/build/build-thirdparty.xml
It says:
So it uses the tomcat from http://repository.jboss.com/apache-tomcat/5.5.9jboss/src/
Looks a normal tc-5.5.9.
So look in http://tomcat.apache.org/security-5.html

Answer yes your are vulnerable.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4176030#4176030

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4176030

More information about the jboss-user mailing list